Merge pull request #428 from AFLplusplus/dev

Dev

1 files changed, 11 insertions, 2 deletions

diff --git a/llvm_mode/afl-llvm-rt.o.c b/llvm_mode/afl-llvm-rt.o.c
index 17b70f26..f81d13ee 100644
--- a/llvm_mode/afl-llvm-rt.o.c
+++ b/llvm_mode/afl-llvm-rt.o.c
@@ -183,6 +183,9 @@ static void __afl_map_shm(void) {
 
   if (__afl_final_loc) {
 
+    if (__afl_final_loc % 8)
+      __afl_final_loc = (((__afl_final_loc + 7) >> 3) << 3);
+
     __afl_map_size = __afl_final_loc;
     if (__afl_final_loc > MAP_SIZE) {
 
@@ -392,7 +395,10 @@ static void __afl_start_snapshots(void) {
 
     if (read(FORKSRV_FD, &was_killed, 4) != 4) _exit(1);
 
-    if ((was_killed & (0xffffffff & (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ))) ==
+    if (getenv("AFL_DEBUG"))
+      fprintf(stderr, "target forkserver recv: %08x\n", was_killed);
+
+    if ((was_killed & (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ)) ==
         (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ)) {
 
       __afl_map_shm_fuzz();
@@ -591,6 +597,9 @@ static void __afl_start_forkserver(void) {
 
     if (read(FORKSRV_FD, &was_killed, 4) != 4) _exit(1);
 
+    if (getenv("AFL_DEBUG"))
+      fprintf(stderr, "target forkserver recv: %08x\n", was_killed);
+
     if ((was_killed & (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ)) ==
         (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ)) {
 
@@ -871,7 +880,7 @@ void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) {
   while (start < stop) {
 
     if (R(100) < inst_ratio)
-      *start = R(MAP_SIZE - 1) + 1;
+      *start = ++__afl_final_loc;
     else
       *start = 0;